package com.example.clothingmanager.service;

import com.example.clothingmanager.bean.Depot;
import com.example.clothingmanager.bean.Instock;
import com.example.clothingmanager.bean.User;
import com.example.clothingmanager.dao.InstockDao;
import com.example.clothingmanager.dao.UserDao;
import com.example.clothingmanager.utils.Result;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

import javax.servlet.http.HttpSession;
import java.util.ArrayList;
import java.util.List;

/**
 * @author Huangyt
 * @version 1.0
 * @date 2020/5/11 14:08
 */
@Service
public class LoginService {
    @Autowired
    UserDao userDao;
    @Autowired
    InstockDao instockDao;
    @Autowired
    DepotService depotService;

    public Result check(User user, HttpSession session){
        String account = user.getAccount();
        String password = user.getPassword();
        /**
         * 使用Shiro对页面的账号与密码进行认证
         */
        //1、获取Subject
        Subject subject = SecurityUtils.getSubject();
        //2、封装用户数据, 形成一个令牌
        UsernamePasswordToken token = new UsernamePasswordToken(account, password);
        //3、执行登录方法
        try{
            //执行此方法时会调用到 doGetAuthenticationInfo 认证方法
            subject.login(token);
            User data_user = userDao.findByAccountAndPassword(account, password);
            if(null!=data_user){
                session.setAttribute("user", data_user.getAccount());
                return Result.success();
            }
            return Result.fail("账号或密码错误");
        }
        catch(Exception e){
            //登录失败
            return Result.fail("账号或密码错误");
        }
    }

    public Result logOut(HttpSession session){
        String user = (String) session.getAttribute("user");
        if(null!=user){
            Subject subject = SecurityUtils.getSubject();
            if(subject.isAuthenticated()){
                subject.logout();
                return Result.success();
            }
        }
        return Result.fail("用户Session不存在，登出失败");
    }

    public Result getHeadPage(String account){
        User user = userDao.findByAccount(account);
        if(null!=user){
            return Result.success(user.getId());
        }
        return Result.fail("");
    }

    public Result getUser(HttpSession session){
        String account = (String) session.getAttribute("user");
        if(null!=account){
            User user = userDao.findByAccount(account);
            if(null!=user){
                return Result.success(user);
            }
        }
        return Result.fail("用户Session不存在");
    }

    public Result getAuthorInstock(String account){
        List<Depot> depots = null;
        User user = userDao.findByAccount(account);
        if(null!=user){
            String auth = user.getAuth();
            if("director".equals(auth)){
                Result res = depotService.list();
                if(res.isSuccess()){
                    depots = (List<Depot>) res.getData();
                    return Result.success(depots);
                }
            }else if("admin".equals(auth)){
                Depot depot = user.getDepot();
                depots = new ArrayList<>();
                depots.add(depot);
                return Result.success(depots);
            }else {
                return Result.fail("获取仓库数据失败");
            }
        }
        return Result.fail("获取仓库数据失败");
    }
}
